Mozilla releases Firefox 37 with Opportunistic Encryption and Heartbeat

Mozilla has just released version 37 of its Firefox browser which introduces the Heartbeat user rating system and opportunistic encryption of HTTP traffic. As always, this version also includes the usual bug fixes


With Firefox 37, Mozilla introduces Heatbeat, a new way of getting feedback from its users. Heartbeat should provide Mozilla with a real-time understanding of the desktop user of the browser which in its turn allows the Firefox developers to pivot more quickly based on the needs and desires of users. Heartbeat ties user perception to technical information so Mozilla can take feedback and feed that into future Firefox releases.

Another new feature is called Opportunistic Encryption (OE) which provides unauthenticated encryption. Basically it means that encrypted data is transferred over regular HTTP which makes it harder for attackers to eavesdrop on your connection, however because it’s unauthenticated, there’s no certainty over who’s on the other side. This means man-in-the-middle-attacks are still possible, in contrary to HTTPS. Consider OE as “encryption light”.

OE is mainly targeted at websites that have legacy content that can’t be (easily) migrated to HTTPS and requires the server to support it.

Besides OE and Heartbeat, Mozilla has added HTTPS support for Bing and Yandex is now the default search engine for Turkey. Updating to version 37 can be done using the automatic install feature or by downloading it from the Firefox website.